kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove other unnecessary tlsext_ prefixes.

Browse Source 
Change-Id: Ib31a12527006ff57beb99bcfd0bf1f906773e1ca
Reviewed-on: https://boringssl-review.googlesource.com/29593
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2018-07-03 14:01:26 -04:00 committed by Adam Langley
parent 7bb0fbf77b
commit 4685376b2b
9 changed files with 81 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
ssl/handoff.cc
View File

@ -165,7 +165,7 @@ bool SSL_serialize_handback(const SSL *ssl, CBB *out) {
!CBB_add_asn1_octet_string(&seq, read_iv, read_iv_len) || !CBB_add_asn1_octet_string(&seq, read_iv, read_iv_len) ||
!CBB_add_asn1_octet_string(&seq, write_iv, write_iv_len) || !CBB_add_asn1_octet_string(&seq, write_iv, write_iv_len) ||
!CBB_add_asn1_bool(&seq, s3->session_reused) || !CBB_add_asn1_bool(&seq, s3->session_reused) ||
!CBB_add_asn1_bool(&seq, s3->tlsext_channel_id_valid) || !CBB_add_asn1_bool(&seq, s3->channel_id_valid) ||
!ssl_session_serialize(session, &seq) || !ssl_session_serialize(session, &seq) ||
!CBB_add_asn1_octet_string(&seq, s3->next_proto_negotiated.data(), !CBB_add_asn1_octet_string(&seq, s3->next_proto_negotiated.data(),
s3->next_proto_negotiated.size()) || s3->next_proto_negotiated.size()) ||
@ -174,8 +174,8 @@ bool SSL_serialize_handback(const SSL *ssl, CBB *out) {
!CBB_add_asn1_octet_string( !CBB_add_asn1_octet_string(
&seq, reinterpret_cast<uint8_t *>(s3->hostname.get()), &seq, reinterpret_cast<uint8_t *>(s3->hostname.get()),
hostname_len) || hostname_len) ||
!CBB_add_asn1_octet_string(&seq, s3->tlsext_channel_id, !CBB_add_asn1_octet_string(&seq, s3->channel_id,
sizeof(s3->tlsext_channel_id)) || sizeof(s3->channel_id)) ||
!CBB_add_asn1_bool(&seq, ssl->s3->token_binding_negotiated) || !CBB_add_asn1_bool(&seq, ssl->s3->token_binding_negotiated) ||
!CBB_add_asn1_uint64(&seq, ssl->s3->negotiated_token_binding_param) || !CBB_add_asn1_uint64(&seq, ssl->s3->negotiated_token_binding_param) ||
!CBB_add_asn1_bool(&seq, s3->hs->next_proto_neg_seen) || !CBB_add_asn1_bool(&seq, s3->hs->next_proto_neg_seen) ||
@ -251,9 +251,9 @@ bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback) {
!CBS_get_asn1(&seq, &alpn, CBS_ASN1_OCTETSTRING) || !CBS_get_asn1(&seq, &alpn, CBS_ASN1_OCTETSTRING) ||
!CBS_get_asn1(&seq, &hostname, CBS_ASN1_OCTETSTRING) || !CBS_get_asn1(&seq, &hostname, CBS_ASN1_OCTETSTRING) ||
!CBS_get_asn1(&seq, &channel_id, CBS_ASN1_OCTETSTRING) || !CBS_get_asn1(&seq, &channel_id, CBS_ASN1_OCTETSTRING) ||
CBS_len(&channel_id) != sizeof(s3->tlsext_channel_id) || CBS_len(&channel_id) != sizeof(s3->channel_id) ||
!CBS_copy_bytes(&channel_id, s3->tlsext_channel_id, !CBS_copy_bytes(&channel_id, s3->channel_id,
sizeof(s3->tlsext_channel_id)) || sizeof(s3->channel_id)) ||
!CBS_get_asn1_bool(&seq, &token_binding_negotiated) || !CBS_get_asn1_bool(&seq, &token_binding_negotiated) ||
!CBS_get_asn1_uint64(&seq, &negotiated_token_binding_param) || !CBS_get_asn1_uint64(&seq, &negotiated_token_binding_param) ||
!CBS_get_asn1_bool(&seq, &next_proto_neg_seen) || !CBS_get_asn1_bool(&seq, &next_proto_neg_seen) ||
@ -302,7 +302,7 @@ bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback) {
return false; return false;
} }
s3->session_reused = session_reused; s3->session_reused = session_reused;
s3->tlsext_channel_id_valid = channel_id_valid; s3->channel_id_valid = channel_id_valid;
s3->next_proto_negotiated.CopyFrom(next_proto); s3->next_proto_negotiated.CopyFrom(next_proto);
s3->alpn_selected.CopyFrom(alpn); s3->alpn_selected.CopyFrom(alpn);

6
ssl/handshake_client.cc
View File

@ -1396,12 +1396,12 @@ static enum ssl_hs_wait_t do_send_client_certificate_verify(SSL_HANDSHAKE *hs) {
static enum ssl_hs_wait_t do_send_client_finished(SSL_HANDSHAKE *hs) { static enum ssl_hs_wait_t do_send_client_finished(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl; SSL *const ssl = hs->ssl;
// Resolve Channel ID first, before any non-idempotent operations. // Resolve Channel ID first, before any non-idempotent operations.
if (ssl->s3->tlsext_channel_id_valid) { if (ssl->s3->channel_id_valid) {
if (!ssl_do_channel_id_callback(hs)) { if (!ssl_do_channel_id_callback(hs)) {
return ssl_hs_error; return ssl_hs_error;
} }
if (hs->config->tlsext_channel_id_private == NULL) { if (hs->config->channel_id_private == NULL) {
hs->state = state_send_client_finished; hs->state = state_send_client_finished;
return ssl_hs_channel_id_lookup; return ssl_hs_channel_id_lookup;
} }
@ -1431,7 +1431,7 @@ static enum ssl_hs_wait_t do_send_client_finished(SSL_HANDSHAKE *hs) {
} }
} }
if (ssl->s3->tlsext_channel_id_valid) { if (ssl->s3->channel_id_valid) {
ScopedCBB cbb; ScopedCBB cbb;
CBB body; CBB body;
if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_CHANNEL_ID) || if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_CHANNEL_ID) ||

12
ssl/handshake_server.cc
View File

@ -631,7 +631,7 @@ static enum ssl_hs_wait_t do_select_parameters(SSL_HANDSHAKE *hs) {
hs->cert_request = !!(hs->config->verify_mode & SSL_VERIFY_PEER); hs->cert_request = !!(hs->config->verify_mode & SSL_VERIFY_PEER);
// Only request a certificate if Channel ID isn't negotiated. // Only request a certificate if Channel ID isn't negotiated.
if ((hs->config->verify_mode & SSL_VERIFY_PEER_IF_NO_OBC) && if ((hs->config->verify_mode & SSL_VERIFY_PEER_IF_NO_OBC) &&
ssl->s3->tlsext_channel_id_valid) { ssl->s3->channel_id_valid) {
hs->cert_request = false; hs->cert_request = false;
} }
// CertificateRequest may only be sent in certificate-based ciphers. // CertificateRequest may only be sent in certificate-based ciphers.
@ -679,9 +679,9 @@ static enum ssl_hs_wait_t do_send_server_hello(SSL_HANDSHAKE *hs) {
// We only accept ChannelIDs on connections with ECDHE in order to avoid a // We only accept ChannelIDs on connections with ECDHE in order to avoid a
// known attack while we fix ChannelID itself. // known attack while we fix ChannelID itself.
if (ssl->s3->tlsext_channel_id_valid && if (ssl->s3->channel_id_valid &&
(hs->new_cipher->algorithm_mkey & SSL_kECDHE) == 0) { (hs->new_cipher->algorithm_mkey & SSL_kECDHE) == 0) {
ssl->s3->tlsext_channel_id_valid = false; ssl->s3->channel_id_valid = false;
} }
// If this is a resumption and the original handshake didn't support // If this is a resumption and the original handshake didn't support
@ -689,7 +689,7 @@ static enum ssl_hs_wait_t do_send_server_hello(SSL_HANDSHAKE *hs) {
// session and so cannot resume with ChannelIDs. // session and so cannot resume with ChannelIDs.
if (ssl->session != NULL && if (ssl->session != NULL &&
ssl->session->original_handshake_hash_len == 0) { ssl->session->original_handshake_hash_len == 0) {
ssl->s3->tlsext_channel_id_valid = false; ssl->s3->channel_id_valid = false;
} }
struct OPENSSL_timeval now; struct OPENSSL_timeval now;
@ -1363,7 +1363,7 @@ static enum ssl_hs_wait_t do_read_next_proto(SSL_HANDSHAKE *hs) {
static enum ssl_hs_wait_t do_read_channel_id(SSL_HANDSHAKE *hs) { static enum ssl_hs_wait_t do_read_channel_id(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl; SSL *const ssl = hs->ssl;
if (!ssl->s3->tlsext_channel_id_valid) { if (!ssl->s3->channel_id_valid) {
hs->state = state12_read_client_finished; hs->state = state12_read_client_finished;
return ssl_hs_ok; return ssl_hs_ok;
} }
@ -1400,7 +1400,7 @@ static enum ssl_hs_wait_t do_read_client_finished(SSL_HANDSHAKE *hs) {
// If this is a full handshake with ChannelID then record the handshake // If this is a full handshake with ChannelID then record the handshake
// hashes in |hs->new_session| in case we need them to verify a // hashes in |hs->new_session| in case we need them to verify a
// ChannelID signature on a resumption of this session in the future. // ChannelID signature on a resumption of this session in the future.
if (ssl->session == NULL && ssl->s3->tlsext_channel_id_valid && if (ssl->session == NULL && ssl->s3->channel_id_valid &&
!tls1_record_handshake_hashes_for_channel_id(hs)) { !tls1_record_handshake_hashes_for_channel_id(hs)) {
return ssl_hs_error; return ssl_hs_error;
} }

41
ssl/internal.h
View File

@ -2163,9 +2163,8 @@ struct SSL3_STATE {
// In a client, this means that the server supported Channel ID and that a // In a client, this means that the server supported Channel ID and that a
// Channel ID was sent. In a server it means that we echoed support for // Channel ID was sent. In a server it means that we echoed support for
// Channel IDs and that tlsext_channel_id will be valid after the // Channel IDs and that |channel_id| will be valid after the handshake.
// handshake. bool channel_id_valid:1;
bool tlsext_channel_id_valid:1;
// key_update_pending is true if we have a KeyUpdate acknowledgment // key_update_pending is true if we have a KeyUpdate acknowledgment
// outstanding. // outstanding.
@ -2258,10 +2257,10 @@ struct SSL3_STATE {
UniquePtr<char> hostname; UniquePtr<char> hostname;
// For a server: // For a server:
// If |tlsext_channel_id_valid| is true, then this contains the // If |channel_id_valid| is true, then this contains the
// verified Channel ID from the client: a P256 point, (x,y), where // verified Channel ID from the client: a P256 point, (x,y), where
// each are big-endian values. // each are big-endian values.
uint8_t tlsext_channel_id[64] = {0}; uint8_t channel_id[64] = {0};
// Contains the QUIC transport params received by the peer. // Contains the QUIC transport params received by the peer.
Array<uint8_t> peer_quic_transport_params; Array<uint8_t> peer_quic_transport_params;
@ -2450,7 +2449,7 @@ struct SSL_CONFIG {
Array<uint16_t> supported_group_list; // our list Array<uint16_t> supported_group_list; // our list
// The client's Channel ID private key. // The client's Channel ID private key.
UniquePtr<EVP_PKEY> tlsext_channel_id_private; UniquePtr<EVP_PKEY> channel_id_private;
// For a client, this contains the list of supported protocols in wire // For a client, this contains the list of supported protocols in wire
// format. // format.
@ -2476,10 +2475,10 @@ struct SSL_CONFIG {
// whether OCSP stapling will be requested. // whether OCSP stapling will be requested.
bool ocsp_stapling_enabled:1; bool ocsp_stapling_enabled:1;
// tlsext_channel_id_enabled is copied from the |SSL_CTX|. For a server, // channel_id_enabled is copied from the |SSL_CTX|. For a server, means that
// means that we'll accept Channel IDs from clients. For a client, means that // we'll accept Channel IDs from clients. For a client, means that we'll
// we'll advertise support. // advertise support.
bool tlsext_channel_id_enabled:1; bool channel_id_enabled:1;
// retain_only_sha256_of_client_certs is true if we should compute the SHA256 // retain_only_sha256_of_client_certs is true if we should compute the SHA256
// hash of the peer's certificate and then discard it to save memory and // hash of the peer's certificate and then discard it to save memory and
@ -2749,8 +2748,8 @@ enum ssl_ticket_aead_result_t ssl_process_ticket(
int tls1_verify_channel_id(SSL_HANDSHAKE *hs, const SSLMessage &msg); int tls1_verify_channel_id(SSL_HANDSHAKE *hs, const SSLMessage &msg);
// tls1_write_channel_id generates a Channel ID message and puts the output in // tls1_write_channel_id generates a Channel ID message and puts the output in
// |cbb|. |ssl->tlsext_channel_id_private| must already be set before calling. // |cbb|. |ssl->channel_id_private| must already be set before calling. This
// This function returns true on success and false on error. // function returns true on success and false on error.
bool tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb); bool tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb);
// tls1_channel_id_hash computes the hash to be signed by Channel ID and writes // tls1_channel_id_hash computes the hash to be signed by Channel ID and writes
@ -2762,7 +2761,7 @@ int tls1_record_handshake_hashes_for_channel_id(SSL_HANDSHAKE *hs);
// ssl_do_channel_id_callback checks runs |hs->ssl->ctx->channel_id_cb| if // ssl_do_channel_id_callback checks runs |hs->ssl->ctx->channel_id_cb| if
// necessary. It returns one on success and zero on fatal error. Note that, on // necessary. It returns one on success and zero on fatal error. Note that, on
// success, |hs->ssl->tlsext_channel_id_private| may be unset, in which case the // success, |hs->ssl->channel_id_private| may be unset, in which case the
// operation should be retried later. // operation should be retried later.
int ssl_do_channel_id_callback(SSL_HANDSHAKE *hs); int ssl_do_channel_id_callback(SSL_HANDSHAKE *hs);
@ -2949,8 +2948,8 @@ struct ssl_ctx_st {
uint16_t max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; uint16_t max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
// TLS extensions servername callback // TLS extensions servername callback
int (*tlsext_servername_callback)(SSL *, int *, void *) = nullptr; int (*servername_callback)(SSL *, int *, void *) = nullptr;
void *tlsext_servername_arg = nullptr; void *servername_arg = nullptr;
// RFC 4507 session ticket keys. |ticket_key_current| may be NULL before the // RFC 4507 session ticket keys. |ticket_key_current| may be NULL before the
// first handshake and |ticket_key_prev| may be NULL at any time. // first handshake and |ticket_key_prev| may be NULL at any time.
@ -3019,7 +3018,7 @@ struct ssl_ctx_st {
bssl::Array<uint16_t> supported_group_list; bssl::Array<uint16_t> supported_group_list;
// The client's Channel ID private key. // The client's Channel ID private key.
bssl::UniquePtr<EVP_PKEY> tlsext_channel_id_private; bssl::UniquePtr<EVP_PKEY> channel_id_private;
// keylog_callback, if not NULL, is the key logging callback. See // keylog_callback, if not NULL, is the key logging callback. See
// |SSL_CTX_set_keylog_callback|. // |SSL_CTX_set_keylog_callback|.
@ -3063,10 +3062,10 @@ struct ssl_ctx_st {
// If true, a client will request certificate timestamps. // If true, a client will request certificate timestamps.
bool signed_cert_timestamps_enabled:1; bool signed_cert_timestamps_enabled:1;
// tlsext_channel_id_enabled is whether Channel ID is enabled. For a server, // channel_id_enabled is whether Channel ID is enabled. For a server, means
// means that we'll accept Channel IDs from clients. For a client, means that // that we'll accept Channel IDs from clients. For a client, means that we'll
// we'll advertise support. // advertise support.
bool tlsext_channel_id_enabled:1; bool channel_id_enabled:1;
// grease_enabled is whether draft-davidben-tls-grease-01 is enabled. // grease_enabled is whether draft-davidben-tls-grease-01 is enabled.
bool grease_enabled:1; bool grease_enabled:1;
@ -3171,7 +3170,7 @@ struct ssl_st {
uint32_t options = 0; // protocol behaviour uint32_t options = 0; // protocol behaviour
uint32_t mode = 0; // API behaviour uint32_t mode = 0; // API behaviour
uint32_t max_cert_list = 0; uint32_t max_cert_list = 0;
bssl::UniquePtr<char> tlsext_hostname; bssl::UniquePtr<char> hostname;
// renegotiate_mode controls how peer renegotiation attempts are handled. // renegotiate_mode controls how peer renegotiation attempts are handled.
ssl_renegotiate_mode_t renegotiate_mode = ssl_renegotiate_never; ssl_renegotiate_mode_t renegotiate_mode = ssl_renegotiate_never;

2
ssl/s3_lib.cc
View File

@ -173,7 +173,7 @@ SSL3_STATE::SSL3_STATE()
initial_handshake_complete(false), initial_handshake_complete(false),
session_reused(false), session_reused(false),
send_connection_binding(false), send_connection_binding(false),
tlsext_channel_id_valid(false), channel_id_valid(false),
key_update_pending(false), key_update_pending(false),
wpend_pending(false), wpend_pending(false),
early_data_accepted(false), early_data_accepted(false),

40
ssl/ssl_lib.cc
View File

@ -540,7 +540,7 @@ ssl_ctx_st::ssl_ctx_st(const SSL_METHOD *ssl_method)
quiet_shutdown(false), quiet_shutdown(false),
ocsp_stapling_enabled(false), ocsp_stapling_enabled(false),
signed_cert_timestamps_enabled(false), signed_cert_timestamps_enabled(false),
tlsext_channel_id_enabled(false), channel_id_enabled(false),
grease_enabled(false), grease_enabled(false),
allow_unknown_alpn_protos(false), allow_unknown_alpn_protos(false),
ed25519_enabled(false), ed25519_enabled(false),
@ -691,9 +691,8 @@ SSL *SSL_new(SSL_CTX *ctx) {
ssl->config->psk_client_callback = ctx->psk_client_callback; ssl->config->psk_client_callback = ctx->psk_client_callback;
ssl->config->psk_server_callback = ctx->psk_server_callback; ssl->config->psk_server_callback = ctx->psk_server_callback;
ssl->config->tlsext_channel_id_enabled = ctx->tlsext_channel_id_enabled; ssl->config->channel_id_enabled = ctx->channel_id_enabled;
ssl->config->tlsext_channel_id_private = ssl->config->channel_id_private = UpRef(ctx->channel_id_private);
UpRef(ctx->tlsext_channel_id_private);
ssl->config->signed_cert_timestamps_enabled = ssl->config->signed_cert_timestamps_enabled =
ctx->signed_cert_timestamps_enabled; ctx->signed_cert_timestamps_enabled;
@ -712,7 +711,7 @@ SSL_CONFIG::SSL_CONFIG(SSL *ssl_arg)
: ssl(ssl_arg), : ssl(ssl_arg),
signed_cert_timestamps_enabled(false), signed_cert_timestamps_enabled(false),
ocsp_stapling_enabled(false), ocsp_stapling_enabled(false),
tlsext_channel_id_enabled(false), channel_id_enabled(false),
retain_only_sha256_of_client_certs(false), retain_only_sha256_of_client_certs(false),
handoff(false), handoff(false),
shed_handshake_config(false) { shed_handshake_config(false) {
@ -1827,8 +1826,8 @@ const char *SSL_get_servername(const SSL *ssl, const int type) {
// Historically, |SSL_get_servername| was also the configuration getter // Historically, |SSL_get_servername| was also the configuration getter
// corresponding to |SSL_set_tlsext_host_name|. // corresponding to |SSL_set_tlsext_host_name|.
if (ssl->tlsext_hostname != nullptr) { if (ssl->hostname != nullptr) {
return ssl->tlsext_hostname.get(); return ssl->hostname.get();
} }
return ssl->s3->hostname.get(); return ssl->s3->hostname.get();
@ -1907,7 +1906,7 @@ void SSL_get0_ocsp_response(const SSL *ssl, const uint8_t **out,
} }
int SSL_set_tlsext_host_name(SSL *ssl, const char *name) { int SSL_set_tlsext_host_name(SSL *ssl, const char *name) {
ssl->tlsext_hostname.reset(); ssl->hostname.reset();
if (name == nullptr) { if (name == nullptr) {
return 1; return 1;
} }
@ -1917,8 +1916,8 @@ int SSL_set_tlsext_host_name(SSL *ssl, const char *name) {
OPENSSL_PUT_ERROR(SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); OPENSSL_PUT_ERROR(SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
return 0; return 0;
} }
ssl->tlsext_hostname.reset(BUF_strdup(name)); ssl->hostname.reset(BUF_strdup(name));
if (ssl->tlsext_hostname == nullptr) { if (ssl->hostname == nullptr) {
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
return 0; return 0;
} }
@ -1927,12 +1926,12 @@ int SSL_set_tlsext_host_name(SSL *ssl, const char *name) {
int SSL_CTX_set_tlsext_servername_callback( int SSL_CTX_set_tlsext_servername_callback(
SSL_CTX *ctx, int (*callback)(SSL *ssl, int *out_alert, void *arg)) { SSL_CTX *ctx, int (*callback)(SSL *ssl, int *out_alert, void *arg)) {
ctx->tlsext_servername_callback = callback; ctx->servername_callback = callback;
return 1; return 1;
} }
int SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg) { int SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg) {
ctx->tlsext_servername_arg = arg; ctx->servername_arg = arg;
return 1; return 1;
} }
@ -2080,7 +2079,7 @@ err:
} }
void SSL_CTX_set_tls_channel_id_enabled(SSL_CTX *ctx, int enabled) { void SSL_CTX_set_tls_channel_id_enabled(SSL_CTX *ctx, int enabled) {
ctx->tlsext_channel_id_enabled = !!enabled; ctx->channel_id_enabled = !!enabled;
} }
int SSL_CTX_enable_tls_channel_id(SSL_CTX *ctx) { int SSL_CTX_enable_tls_channel_id(SSL_CTX *ctx) {
@ -2092,7 +2091,7 @@ void SSL_set_tls_channel_id_enabled(SSL *ssl, int enabled) {
if (!ssl->config) { if (!ssl->config) {
return; return;
} }
ssl->config->tlsext_channel_id_enabled = !!enabled; ssl->config->channel_id_enabled = !!enabled;
} }
int SSL_enable_tls_channel_id(SSL *ssl) { int SSL_enable_tls_channel_id(SSL *ssl) {
@ -2113,8 +2112,8 @@ int SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx, EVP_PKEY *private_key) {
return 0; return 0;
} }
ctx->tlsext_channel_id_private = UpRef(private_key); ctx->channel_id_private = UpRef(private_key);
ctx->tlsext_channel_id_enabled = true; ctx->channel_id_enabled = true;
return 1; return 1;
} }
@ -2128,18 +2127,17 @@ int SSL_set1_tls_channel_id(SSL *ssl, EVP_PKEY *private_key) {
return 0; return 0;
} }
ssl->config->tlsext_channel_id_private = UpRef(private_key); ssl->config->channel_id_private = UpRef(private_key);
ssl->config->tlsext_channel_id_enabled = true; ssl->config->channel_id_enabled = true;
return 1; return 1;
} }
size_t SSL_get_tls_channel_id(SSL *ssl, uint8_t *out, size_t max_out) { size_t SSL_get_tls_channel_id(SSL *ssl, uint8_t *out, size_t max_out) {
if (!ssl->s3->tlsext_channel_id_valid) { if (!ssl->s3->channel_id_valid) {
return 0; return 0;
} }
OPENSSL_memcpy(out, ssl->s3->tlsext_channel_id, OPENSSL_memcpy(out, ssl->s3->channel_id, (max_out < 64) ? max_out : 64);
(max_out < 64) ? max_out : 64);
return 64; return 64;
} }

41
ssl/t1_lib.cc
View File

@ -591,7 +591,7 @@ static bool dont_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
static bool ext_sni_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) { static bool ext_sni_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
SSL *const ssl = hs->ssl; SSL *const ssl = hs->ssl;
if (ssl->tlsext_hostname == nullptr) { if (ssl->hostname == nullptr) {
return true; return true;
} }
@ -601,8 +601,8 @@ static bool ext_sni_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
!CBB_add_u16_length_prefixed(&contents, &server_name_list) || !CBB_add_u16_length_prefixed(&contents, &server_name_list) ||
!CBB_add_u8(&server_name_list, TLSEXT_NAMETYPE_host_name) || !CBB_add_u8(&server_name_list, TLSEXT_NAMETYPE_host_name) ||
!CBB_add_u16_length_prefixed(&server_name_list, &name) || !CBB_add_u16_length_prefixed(&server_name_list, &name) ||
!CBB_add_bytes(&name, (const uint8_t *)ssl->tlsext_hostname.get(), !CBB_add_bytes(&name, (const uint8_t *)ssl->hostname.get(),
strlen(ssl->tlsext_hostname.get())) || strlen(ssl->hostname.get())) ||
!CBB_flush(out)) { !CBB_flush(out)) {
return false; return false;
} }
@ -1552,12 +1552,12 @@ static bool ext_alpn_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
// https://tools.ietf.org/html/draft-balfanz-tls-channelid-01 // https://tools.ietf.org/html/draft-balfanz-tls-channelid-01
static void ext_channel_id_init(SSL_HANDSHAKE *hs) { static void ext_channel_id_init(SSL_HANDSHAKE *hs) {
hs->ssl->s3->tlsext_channel_id_valid = false; hs->ssl->s3->channel_id_valid = false;
} }
static bool ext_channel_id_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) { static bool ext_channel_id_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
SSL *const ssl = hs->ssl; SSL *const ssl = hs->ssl;
if (!hs->config->tlsext_channel_id_enabled || SSL_is_dtls(ssl)) { if (!hs->config->channel_id_enabled || SSL_is_dtls(ssl)) {
return true; return true;
} }
@ -1578,13 +1578,13 @@ static bool ext_channel_id_parse_serverhello(SSL_HANDSHAKE *hs,
} }
assert(!SSL_is_dtls(ssl)); assert(!SSL_is_dtls(ssl));
assert(hs->config->tlsext_channel_id_enabled); assert(hs->config->channel_id_enabled);
if (CBS_len(contents) != 0) { if (CBS_len(contents) != 0) {
return false; return false;
} }
ssl->s3->tlsext_channel_id_valid = true; ssl->s3->channel_id_valid = true;
return true; return true;
} }
@ -1592,8 +1592,7 @@ static bool ext_channel_id_parse_clienthello(SSL_HANDSHAKE *hs,
uint8_t *out_alert, uint8_t *out_alert,
CBS *contents) { CBS *contents) {
SSL *const ssl = hs->ssl; SSL *const ssl = hs->ssl;
if (contents == NULL || !hs->config->tlsext_channel_id_enabled || if (contents == NULL || !hs->config->channel_id_enabled || SSL_is_dtls(ssl)) {
SSL_is_dtls(ssl)) {
return true; return true;
} }
@ -1601,13 +1600,13 @@ static bool ext_channel_id_parse_clienthello(SSL_HANDSHAKE *hs,
return false; return false;
} }
ssl->s3->tlsext_channel_id_valid = true; ssl->s3->channel_id_valid = true;
return true; return true;
} }
static bool ext_channel_id_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) { static bool ext_channel_id_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
SSL *const ssl = hs->ssl; SSL *const ssl = hs->ssl;
if (!ssl->s3->tlsext_channel_id_valid) { if (!ssl->s3->channel_id_valid) {
return true; return true;
} }
@ -3396,12 +3395,11 @@ static int ssl_check_clienthello_tlsext(SSL_HANDSHAKE *hs) {
int ret = SSL_TLSEXT_ERR_NOACK; int ret = SSL_TLSEXT_ERR_NOACK;
int al = SSL_AD_UNRECOGNIZED_NAME; int al = SSL_AD_UNRECOGNIZED_NAME;
if (ssl->ctx->tlsext_servername_callback != 0) { if (ssl->ctx->servername_callback != 0) {
ret = ssl->ctx->tlsext_servername_callback(ssl, &al, ret = ssl->ctx->servername_callback(ssl, &al, ssl->ctx->servername_arg);
ssl->ctx->tlsext_servername_arg); } else if (ssl->session_ctx->servername_callback != 0) {
} else if (ssl->session_ctx->tlsext_servername_callback != 0) { ret = ssl->session_ctx->servername_callback(
ret = ssl->session_ctx->tlsext_servername_callback( ssl, &al, ssl->session_ctx->servername_arg);
ssl, &al, ssl->session_ctx->tlsext_servername_arg);
} }
switch (ret) { switch (ret) {
@ -3759,11 +3757,11 @@ int tls1_verify_channel_id(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
if (!sig_ok) { if (!sig_ok) {
OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_SIGNATURE_INVALID); OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_SIGNATURE_INVALID);
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR); ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
ssl->s3->tlsext_channel_id_valid = false; ssl->s3->channel_id_valid = false;
return 0; return 0;
} }
OPENSSL_memcpy(ssl->s3->tlsext_channel_id, p, 64); OPENSSL_memcpy(ssl->s3->channel_id, p, 64);
return 1; return 1;
} }
@ -3774,8 +3772,7 @@ bool tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb) {
return false; return false;
} }
EC_KEY *ec_key = EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(hs->config->channel_id_private.get());
EVP_PKEY_get0_EC_KEY(hs->config->tlsext_channel_id_private.get());
if (ec_key == nullptr) { if (ec_key == nullptr) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
return false; return false;
@ -3879,7 +3876,7 @@ int tls1_record_handshake_hashes_for_channel_id(SSL_HANDSHAKE *hs) {
} }
int ssl_do_channel_id_callback(SSL_HANDSHAKE *hs) { int ssl_do_channel_id_callback(SSL_HANDSHAKE *hs) {
if (hs->config->tlsext_channel_id_private != NULL || if (hs->config->channel_id_private != NULL ||
hs->ssl->ctx->channel_id_cb == NULL) { hs->ssl->ctx->channel_id_cb == NULL) {
return 1; return 1;
} }

6
ssl/tls13_client.cc
View File

@ -442,7 +442,7 @@ static enum ssl_hs_wait_t do_read_encrypted_extensions(SSL_HANDSHAKE *hs) {
OPENSSL_PUT_ERROR(SSL, SSL_R_ALPN_MISMATCH_ON_EARLY_DATA); OPENSSL_PUT_ERROR(SSL, SSL_R_ALPN_MISMATCH_ON_EARLY_DATA);
return ssl_hs_error; return ssl_hs_error;
} }
if (ssl->s3->tlsext_channel_id_valid || hs->received_custom_extension || if (ssl->s3->channel_id_valid || hs->received_custom_extension ||
ssl->s3->token_binding_negotiated) { ssl->s3->token_binding_negotiated) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION_ON_EARLY_DATA); OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION_ON_EARLY_DATA);
return ssl_hs_error; return ssl_hs_error;
@ -691,13 +691,13 @@ static enum ssl_hs_wait_t do_complete_second_flight(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl; SSL *const ssl = hs->ssl;
// Send a Channel ID assertion if necessary. // Send a Channel ID assertion if necessary.
if (ssl->s3->tlsext_channel_id_valid) { if (ssl->s3->channel_id_valid) {
if (!ssl_do_channel_id_callback(hs)) { if (!ssl_do_channel_id_callback(hs)) {
hs->tls13_state = state_complete_second_flight; hs->tls13_state = state_complete_second_flight;
return ssl_hs_error; return ssl_hs_error;
} }
if (hs->config->tlsext_channel_id_private == NULL) { if (hs->config->channel_id_private == NULL) {
return ssl_hs_channel_id_lookup; return ssl_hs_channel_id_lookup;
} }

6
ssl/tls13_server.cc
View File

@ -389,7 +389,7 @@ static enum ssl_hs_wait_t do_select_session(SSL_HANDSHAKE *hs) {
// The client must have offered early data. // The client must have offered early data.
hs->early_data_offered && hs->early_data_offered &&
// Channel ID is incompatible with 0-RTT. // Channel ID is incompatible with 0-RTT.
!ssl->s3->tlsext_channel_id_valid && !ssl->s3->channel_id_valid &&
// If Token Binding is negotiated, reject 0-RTT. // If Token Binding is negotiated, reject 0-RTT.
!ssl->s3->token_binding_negotiated && !ssl->s3->token_binding_negotiated &&
// Custom extensions is incompatible with 0-RTT. // Custom extensions is incompatible with 0-RTT.
@ -596,7 +596,7 @@ static enum ssl_hs_wait_t do_send_server_hello(SSL_HANDSHAKE *hs) {
hs->cert_request = !!(hs->config->verify_mode & SSL_VERIFY_PEER); hs->cert_request = !!(hs->config->verify_mode & SSL_VERIFY_PEER);
// Only request a certificate if Channel ID isn't negotiated. // Only request a certificate if Channel ID isn't negotiated.
if ((hs->config->verify_mode & SSL_VERIFY_PEER_IF_NO_OBC) && if ((hs->config->verify_mode & SSL_VERIFY_PEER_IF_NO_OBC) &&
ssl->s3->tlsext_channel_id_valid) { ssl->s3->channel_id_valid) {
hs->cert_request = false; hs->cert_request = false;
} }
} }
@ -852,7 +852,7 @@ static enum ssl_hs_wait_t do_read_client_certificate_verify(
static enum ssl_hs_wait_t do_read_channel_id(SSL_HANDSHAKE *hs) { static enum ssl_hs_wait_t do_read_channel_id(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl; SSL *const ssl = hs->ssl;
if (!ssl->s3->tlsext_channel_id_valid) { if (!ssl->s3->channel_id_valid) {
hs->tls13_state = state_read_client_finished; hs->tls13_state = state_read_client_finished;
return ssl_hs_ok; return ssl_hs_ok;
} }